23 matches found
openSUSE Security Update : exim (openSUSE-SU-2011:0456-1)
This exim security update fixes importer string handling in DKIM signatures. CVE-2011-1764. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update exim-4507. The text description of this plugin is C...
SuSE Update for exim openSUSE-SU-2012:1404-1 (exim)
Check for the Version of exim OpenVAS Vulnerability Test $Id: gbsuse201214041.nasl 8267 2018-01-02 06:29:17Z teissa $ SuSE Update for exim openSUSE-SU-2012:1404-1 exim Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is fre...
CVE-2011-1764
Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field...
CVE-2011-1764
Summary: CVE-2011-1764 is a format string vulnerability in Exim’s DKIM handling. The flaw affects Exim before 4.76, in the dkim_exim_verify_finish function (src/dkim.c). By injecting format specifiers (e.g., a % character) into data used for DKIM logging (identity field), an unauthenticated remot...
Debian Security Advisory DSA 2232-1 (exim4)
The remote host is missing an update to exim4 announced via advisory DSA 2232-1. OpenVAS Vulnerability Test $Id: deb22321.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2232-1 exim4 Authors: Thomas Reinke Copyright: Copyright (c) 2011 E-Soft Inc...
Debian: Security Advisory (DSA-2232-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
smtp-vuln-cve2011-1764 NSE Script
Checks for a format string vulnerability in the Exim SMTP server (version 4.70 through 4.75) with DomainKeys Identified Mail (DKIM) support (CVE-2011-1764). The DKIM logging mechanism did not use format string specifiers when logging some parts of the DKIM-Signature header field. A remote attacker who ...
Fedora Update for exim FEDORA-2011-7059
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for exim FEDORA-2011-7047
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 15 : exim-4.76-2.fc15 (2011-7111)
This update fixes two remote execution exploits in DKIM processing code (CVE-2011-1407, CVE-2011-1764). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 13 : exim-4.76-1.fc13 (2011-7059)
This update fixes two remote execution exploits in DKIM processing code (CVE-2011-1407, CVE-2011-1764). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 14 : exim-4.76-1.fc14 (2011-7047)
This update fixes two remote execution exploits in DKIM processing code (CVE-2011-1407, CVE-2011-1764). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Ubuntu Update for exim4 USN-1130-1
Ubuntu Update for Linux kernel vulnerabilities USN-1130-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11301.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for exim4 USN-1130-1 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
Security fix for the ALT Linux 5 package exim version 4.76-alt0.M50P.1
May 16, 2011 Gleb Fotengauer-Malinovskiy 4.76-alt0.M50P.1 - Backport to p5 fixes CVE-2011-1764...
FreeBSD : Exim -- remote code execution and information disclosure (36594c54-7be7-11e0-9838-0022156e8794)
Release notes for Exim 4.76 says: Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a format-string attack -- SECURITY: remote arbitrary code execution. DKIM signature header parsing was double-expanded, second time unintentionally subject to list matching rules, letting the header cau...
Exim < 4.76 dkim_exim_verify_finish() DKIM-Signature Header Format String
Based on its response to a specially formatted mail message, the Exim mail server listening on this port appears to be affected by a format string vulnerability. The vulnerability is due to a failure in the dkim_exim_verify_finish function to properly sanitize format string specifiers in the...
Exim -- remote code execution and information disclosure
Release notes for Exim 4.76 says: Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a format-string attack -- SECURITY: remote arbitrary code execution. DKIM signature header parsing was double-expanded, second time unintentionally subject to list matching rules, letting the header caus...